Back to WineSpiritDownload

Privacy Policy

Effective as of April 27, 2026

This Privacy Policy ("Policy") applies to https://www.winespirit.app and any related subdomains, mobile applications, APIs, and services (collectively, the "Service") operated by WineSpirit LLC ("Company," "WineSpirit," "we," "us," or "our").

WineSpirit operates an AI-powered platform that allows adult users to curate, manage, and analyze their personal collections of wines and spirits. By creating an account or otherwise accessing or using the Service, you (a) confirm you are at least 21 years of age, (b) acknowledge that you have read and understood this Policy, and (c) agree to the collection, use, and disclosure of your information as described below. If you do not agree with this Policy, you must not use the Service.

This Policy should be read together with our Terms and Conditions.

I. Information We Collect

A. Information You Provide Voluntarily

When you create an account, use the Service, or contact us, you may provide:

  • First and last name
  • Email address
  • Country of residence
  • Account credentials (passwords are stored hashed; we never see them in plaintext)
  • Confirmation that you are 21 years of age or older
  • Phone number (if you choose to provide one for support)
  • Payment and billing information (only if and when paid features are introduced)
  • Invitation codes you generate, send, or redeem (which associate inviter with invitee for fraud prevention and quota tracking)
  • Information you submit through customer support, surveys, or feedback channels

B. Wine and Spirits Collection Data

The Service is designed for you to record and manage information about your beverage collection. This includes information you choose to enter or upload, such as:

  • Bottle metadata (brand, label, type, vintage, region, purchase price, purchase date, storage location, tasting notes, ratings)
  • Photographs of bottles, labels, and receipts
  • UPC barcodes
  • Insurance, valuation, and forecast data you generate within the Service

This information is yours. We process it solely to provide you with the Service and to enable features you request.

C. AI-Related Inputs

When you upload images (such as bottle labels or receipts) or submit text queries through features such as label scanning, market price lookup, value forecasting, or in-app help, this content is processed by our AI subprocessors as described in Section IV below.

D. Automatically Collected Information

When you use the Service, we may automatically collect:

  • IP address
  • Browser type and version
  • Operating system and device identifiers
  • Access times and time zone
  • Referring URLs
  • Pages viewed, features used, and interaction events
  • Diagnostic and crash information

This data is used to operate, secure, debug, and improve the Service, and to understand aggregate usage patterns.

E. Cookies and Similar Technologies

We use cookies and similar technologies (such as local storage and session tokens) to:

  • Maintain your authenticated session
  • Remember your preferences (such as filter and sort selections)
  • Verify your age confirmation across visits
  • Analyze usage patterns at an aggregate level
  • Detect and prevent fraud and abuse

You may disable or delete cookies through your browser settings; however, disabling certain cookies may prevent you from using core features of the Service such as signing in.

We do not use cookies or trackers for third-party advertising. The Service does not display advertisements and does not allow third parties to advertise to you within the Service.

II. How We Use Your Information

We use the information we collect to:

  • Provide, operate, maintain, and secure the Service
  • Create, authenticate, and manage your account
  • Deliver AI-generated insights, valuations, and analytics that you request
  • Communicate with you about your account, including transactional and administrative notices
  • Respond to your inquiries and provide customer support
  • Process transactions and subscriptions if and when paid features are introduced
  • Detect, prevent, and respond to fraud, abuse, security incidents, and unauthorized access
  • Comply with applicable laws, regulations, legal process, and governmental requests
  • Enforce our Terms and Conditions and protect our rights, property, and users
  • Improve, debug, and develop new features for the Service

Important Notice Regarding AI-Generated Content

Any pricing estimates, market valuations, value forecasts, label identifications, tasting notes, or other content generated by artificial intelligence within the Service are informational only. AI outputs may be inaccurate, incomplete, outdated, or otherwise unreliable. They are not financial advice, valuation guarantees, or appraisals, and must not be relied upon for insurance claims, investment decisions, tax filings, or sale transactions without independent verification. You remain solely responsible for verifying any AI-generated content before relying on it. We make no representations or warranties about the accuracy, completeness, or fitness for purpose of any AI-generated output.

III. How We Share Your Information

We do not sell, rent, or lease your personal information. We do not sell biometric data. We do not share your information with advertisers, ad networks, or data brokers.

We may share your information only in the following limited circumstances:

  • Service providers and subprocessors. We share information with vendors that help us operate the Service (such as hosting, database, storage, email, and AI providers). These vendors are contractually bound to use the information only to provide services to us and to maintain its confidentiality. See Section IV for our key subprocessors.
  • Legal compliance. We may disclose information if we believe in good faith that disclosure is required to comply with a law, regulation, subpoena, court order, or other legal process, or to respond to a lawful request from a government authority.
  • Protection of rights and safety. We may disclose information when we believe in good faith that disclosure is necessary to investigate, prevent, or respond to suspected fraud, security incidents, threats to physical safety, violations of our Terms, or other illegal activity.
  • Business transactions. If WineSpirit is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction, subject to standard confidentiality protections. We will notify you of any such transfer that materially affects how your data is handled.
  • With your direction. When you use sharing features within the Service (for example, generating a public link to share a bottle from your cellar), the information you choose to share will be visible to anyone with that link until you revoke it.

IV. Third-Party Subprocessors

To operate the Service, we engage third-party service providers ("Subprocessors") for functions such as hosting, data storage, transactional email delivery, and artificial-intelligence processing. Each Subprocessor is contractually obligated to handle your information in accordance with applicable privacy laws and our requirements, and is permitted to use it only as needed to provide services to us.

Categories of Subprocessors

  • Hosting and serverless compute — to run the Service's application code and handle web traffic.
  • Database providers — to store your account data, collection records, and related metadata.
  • File and image storage — to store the photographs and other files you upload.
  • Transactional email providers — to send account-related and other transactional messages.
  • Analytics and error-monitoring providers — to monitor performance and diagnose issues.
  • Artificial-intelligence providers — see below.

Artificial Intelligence Providers

Because AI processing involves the content you upload (such as bottle photographs and label text), we identify our current AI Subprocessors specifically:

  • Google LLC (Gemini API) — primary provider for label identification, market price lookups, value forecasting, and in-app analysis
  • Anthropic, PBC (Claude API) — secondary provider for selected analytical features

When you upload an image or submit text content for AI processing, the relevant input is securely transmitted to one or more of these AI providers solely to perform the requested analysis.

No public model training. Data transmitted via these enterprise APIs is not used to train Google's or Anthropic's publicly available consumer AI models, in accordance with each provider's enterprise data-use terms. Your inputs are used only to return the requested response.

Limited retention by AI providers. AI providers may temporarily retain API request data (typically up to 30 days) for the purposes of abuse detection, security monitoring, and debugging, after which the data is deleted in accordance with the provider's enterprise data-handling policies.

Current Subprocessor List

A current and complete list of our Subprocessors, including provider names and the purpose for which each is used, is maintained at winespirit.app/subprocessors. We will update that page when Subprocessors change. We will notify you of material changes (such as the introduction of a new AI provider that processes your uploaded content) by in-app notice or email.

V. Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect your information, including:

  • TLS/SSL encryption for data in transit
  • Encryption at rest for stored database content where supported by our infrastructure providers
  • Hashed passwords (we do not store or have access to your plaintext password)
  • Access controls and least-privilege permissions for personnel
  • Audit logging of administrative actions
  • Secure, reputable hosting environments

Despite these measures, no method of transmission over the internet or electronic storage is 100% secure. You acknowledge that there are inherent security limitations of internet communications that are beyond our control, and that the absolute security of any information you transmit to us cannot be guaranteed. You use the Service at your own risk.

VI. Data Retention and Deletion

Retention

We retain your personal information only for as long as is necessary for the purposes set out in this Policy, including:

  • For the duration of your active account
  • For a limited period after account closure (typically up to 90 days) to allow for account recovery, dispute resolution, and backup integrity
  • For longer periods where required by law, regulation, contract, or legitimate business interest (such as fraud prevention, accounting, or audit logs)

Aggregated and anonymized data, which does not identify you, may be retained indefinitely.

Account Deletion

You may close your account at any time through the Settings page within the Service or by contacting us at info@winespirit.app. When your account is deleted, we will delete or anonymize your personal information from our active production systems within a reasonable time after the request, subject to the retention exceptions described below and elsewhere in this Policy. Backup copies are overwritten in the ordinary course according to our backup retention schedule.

Exceptions to Deletion

We may not be able to delete your information if it is necessary to:

  • Complete a transaction or service you requested or that is reasonably anticipated within the context of an ongoing relationship
  • Detect, investigate, or prevent security incidents, fraud, or illegal activity
  • Identify and repair errors that impair existing intended functionality
  • Exercise free speech rights or another right provided for by law
  • Comply with the California Electronic Communications Privacy Act, the Florida Information Protection Act, or other applicable laws
  • Engage in public-interest or peer-reviewed research consistent with applicable ethics laws, where deletion would seriously impair the research, with appropriate consent
  • Enable internal uses reasonably aligned with your expectations
  • Comply with a legal obligation
  • Otherwise use the information internally in a lawful manner compatible with the context in which you provided it

VII. Your Privacy Rights

Depending on your jurisdiction, you may have specific rights with respect to your personal information. We honor the rights described below regardless of where you reside, to the extent operationally feasible.

A. California Residents (CCPA / CPRA)

If you are a California resident, you have the right to:

  • Know what categories of personal information we have collected, the sources, the purposes for collecting it, and the categories of third parties with whom we share it
  • Access the specific pieces of personal information we have about you
  • Request correction of inaccurate personal information
  • Request deletion of your personal information (subject to the exceptions in Section VI)
  • Opt out of the sale or sharing of personal information (we do not sell or share personal information for cross-context behavioral advertising)
  • Limit the use and disclosure of sensitive personal information
  • Be free from retaliation for exercising your rights

To exercise these rights, contact info@winespirit.app. We will verify your identity before responding and will respond within the timeframes required by law.

B. Florida Residents (Florida Digital Bill of Rights)

If you are a Florida resident, you have rights under the Florida Digital Bill of Rights (Fla. Stat. § 501.71 et seq.) similar to those described above, to the extent applicable. WineSpirit reviews and updates this Policy at least annually to ensure that it remains accurate, complete, and consistent with applicable law and our current personal-data processing practices, in accordance with Fla. Stat. § 501.711(1).

C. European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR)

If you are located in the EEA, the United Kingdom, or Switzerland, you have rights under the GDPR, the UK GDPR, and the Swiss Federal Act on Data Protection, including the right to:

  • Access your personal data
  • Rectify inaccurate personal data
  • Erase personal data ("right to be forgotten") subject to lawful exceptions
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time, where processing is based on consent
  • Lodge a complaint with your local data protection authority

We process your personal data on the following lawful bases:

  • Contract — to provide the Service you have requested
  • Legitimate interests — to secure the Service, prevent fraud, debug issues, and improve features, balanced against your interests
  • Consent — for marketing communications and where otherwise required
  • Legal obligation — where processing is required to comply with law

To exercise these rights, contact info@winespirit.app.

D. Other Jurisdictions

Residents of other U.S. states (including Virginia, Colorado, Connecticut, Utah, Texas, and others as applicable) may have similar rights under their respective state privacy laws. We will honor verifiable consumer requests in accordance with applicable law. Contact info@winespirit.app to exercise your rights.

VIII. International Data Transfers

WineSpirit operates from the United States, and your information is stored and processed in the United States. If you are accessing the Service from outside the United States, your information will be transferred to, stored in, and processed in the United States. Where required by law, we rely on appropriate transfer mechanisms, such as the European Commission's Standard Contractual Clauses or equivalent safeguards, to ensure your information receives an adequate level of protection.

By using the Service from outside the United States, you understand and consent to the transfer of your information to the United States.

IX. Minors

The Service is intended exclusively for adults of legal drinking age in their jurisdiction (at least 21 years old in the United States and certain other jurisdictions). We do not direct the Service to minors and we do not knowingly collect personal information from any individual under the age of 21. If you are under 21, you must not create an account or provide any information to us.

In addition, in accordance with the U.S. Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under the age of 13. If we learn that we have inadvertently collected personal information from a child under 13, we will delete it promptly. If you believe we may have collected information from a child under 13, please contact info@winespirit.app.

X. Email and Other Communications

We may send you:

  • Transactional and account communications — for example, signup confirmations, password resets, account-deletion confirmations, important changes to the Service, security notices, and responses to your support inquiries. You cannot opt out of these communications while you maintain an active account, as they are necessary to operate the Service.
  • Promotional or informational communications — for example, product updates, tips, or feature announcements. You may opt out at any time through the unsubscribe link in those communications.

XI. Data Breach Notification

In the event of a security incident that compromises the confidentiality, integrity, or availability of your personal information, we will promptly investigate the incident and notify affected individuals and applicable regulatory authorities to the extent and within the timeframes required by applicable law.

XII. Changes to This Policy

We may update this Policy from time to time, including to reflect changes in the Service, in our practices, or in applicable law. When we make material changes, we will notify you by posting a prominent notice within the Service, by updating the "Effective Date" above, and (where appropriate) by emailing the address associated with your account. Your continued use of the Service after the updated Policy takes effect constitutes your acceptance of the updated Policy. If you do not agree, you must stop using the Service and may close your account.

XIII. Contact Us

For questions, concerns, requests to exercise your privacy rights, or any other matter related to this Policy, please contact:

WineSpirit LLC

11430 NW 5th Street

Plantation, Florida 33325

United States

Email: info@winespirit.app

This Policy is reviewed annually and was last updated on April 27, 2026.